IT Security Notifications

In the following we offer you a short list of current security notifications. We make the complete security notifications available to registered customers in the protected area of the KISTERS Service-Portal. By clicking on a notification item below, you will be forwarded to the respetive fulltext version of the notification in the Service-Portal and thereby may be asked to enter your credentials.

Newest first

Vulnerability in the Apache Commons Text library

On October 17, 2022, the German Federal Office for Information Security (BSI) informed about a...

Read more
Water

Log4j artifacts.

We’ve been informed by a customer that one of the delivered Jar files in the KiDSM distribution...

Read more
Water

OpenSSL CVE-2022-2274

Based on the description CVE-2022-2274 and CVE-2022-2097 “Source: CVE: CVE-2022-2274 - CVE-Search, C...

Read more
Water

PHP CVE-2022-31625

The KISTERS solutions are not actively using the method "pg_query_params()" or the "mysqlnd/pdo"...

Read more
Water

Java Spring Framework CVE-2022-22965

A zero-day vulnerability was found in the popular Java Web application development framework Spring

Read more
Water

Apache HTTP Server CVE-2021-44228

CERT-Bund has published a short info on vulnerabilities in the Apache HTTP Server

Read more
Water

XML libexpat CVE-2022-23852

Critical security vulnerability in the "Expat library" for processing XML messages

Read more
Water

H2-Console CVE-2021-42392

Vulnerability in the H2 database console found

Read more
Water